Offshore Outsourcing & Scammer

Blog about offshore outsourcing and scammer in the outsourcing industry

Malware application for non-jailbroken iPhones

iPhoneCybercriminals in Japan are focusing on iPhone clients with an online trick that deceives them into introducing a malevolent application when they endeavor to view porn features.

This sort of assault, known as a single tick extortion, is not new and has been utilized for quite a long time against Windows, Mac and Android clients. On the other hand, what's fascinating in this specific case is that it works even against non-jailbroken iPhones. 

Apple firmly controls how iOS applications are circulated to clients by constraining engineers to distribute them on the authority App Store where they are liable to Apple's audit strategies. Then again, there are exemptions to this standard as unique advancement programs for which members need to pay additional. 

All the more ON CSO: Mobile Security Survival Guide 

One such program is known as the iOS Developer Program and has a yearly participation expense of US$99. Designers enlisted in this system can appropriate applications over the air, outside of the authority App Store, yet there are a few limitations. They can just appropriate applications in this way to 100 gadgets for each year and the special IDs (UDID) of those gadgets should be enlisted ahead of time. 

Another project that is more adaptable, additionally more lavish, is known as the iOS Developer Enterprise Program. It is proposed for organizations who add to their own applications and need to introduce them on their workers' iOS gadgets without distributed them on the App Store. Interest in this system costs US$299 every year. 

Scientists from antivirus seller Symantec accept that Japanese cybercriminals are misusing the iOS Developer Enterprise Program in their most recent a single tick misrepresentation crusade, despite the fact that they don't have affirmation yet. 

"They could have either applied for membership on their own or compromised someone else's account," the specialists said Tuesday in a blog entry

Both those potential outcomes are awful. In the event that assailants petitioned participation, it would imply that the US$299 cost is no more a sufficiently high hindrance for them. The length of they can contaminate a vast countless rapidly and benefit from them, its justified, despite all the trouble for assailants to pay that passage value regardless of the fact that Apple will probably repudiate their designer ID when the assault is found. 

On the off chance that they utilized a bargained record, that may move others to do likewise. That would be awful news for organizations in light of the fact that interest for stolen designer records enlisted in the iOS Developer Enterprise Program would become on the secret business. 

The maverick application utilized as a part of this extortion battle obliges client affirmation before its introduced. On the off chance that that is acquired, the application will guarantee that the client has subscribed to a grown-up feature site and needs to pay 99,000 Japanese yen (just about $800) over the course of the following three days, or the cost will go up to 300,000 yen ($2,400). 

It's anything but difficult to perceive how that can be productive. On the off chance that a solitary casualty pays $800, the aggressors as of now profit paid for selecting in the iOS Developer Enterprise Program, in addition to a $500 benefit.

 

Scammer: Castle Pension Solutions - castlepensionsolutions.co.uk - Paul Rowe - Nick Danks

Paul RoweThe following posting from Raj Sharma at LinkedIn brought Castle Pension Solutions - castlepensionsolutions.co.uk into my focus.

The posting from Raj Sharma:

Beware!!!Beware!!!Beware!!!!Scam!!!Scam!!
scam!!!fraud!!fraud!!!fraud!!!
Beware!!Beware!!Beware!!Beware.
castlepensionsolutions.co.uk is a fraud.
Paul Rowe,the con-man and owner of castlepensionsolutions.co.uk has cheated with our company Gokyo Ri BPO as my manager rajen sing was constantly in touch with him and didnot pay our payment from last two months.We started working for him, in mid of february and started passing pension and bank reclaim leads to him.He made only 1st payment after making lots of excuses,but we continued to pass leads for him as we thought the reason which he was giving might be genuine.Suddenly,Paul started showing his true colour.He didnot make any payments afterthat.He started telling lies and giving unreasonable excuses.1st week he said we made payment,might be banking issue.Next week he said i had issue with account department .when we made several attempts to contact him through email and trying to reach him,he always avoided us.Sometimes,he said audit is going on,will pay later without giving any specific date.We tried to get our money till last week untill he completely refused to pay to us.If anyone need email and chat snap shot we are happy to share with you guys.Any thing you want to know about this fraud company and his cheater owner,please contact.
We want that these scammer and con man should be out of LinkdIn or any other sites so he cannot cheat with any other people and please avoid castlepensionsolutions.co.uk to work.We are thinking of taking legal action against him and his company and contacted Fraud and crime department of British High commission,New Delhi India.
Paul Rowe.
castlepensionsolutions.co.uk
Registrant's address:
21 Simonburn
Washignton
Tyne and Wear
NE38 0NJ.

Castle Pension SolutionsThe first what I see on their website, that the “company” is only named Castle Pension Solutions. A legal form under which the company is operating is not declared. So we try to find out if the company is registered under this name or if the any responsible person is found for this company.

Registered UK companies can get found at http://wck2.companieshouse.gov.uk/

As expected we find some other companies which are starting with Castle Pension but no Castle Pension Solutions.

Under the names Paul Rowe, Rowe Paul, Nick Danks or Danks Nick is no company registered. For this they are private persons and not company owner. This makes at least Nick Danks for the fraud full responsible. At least Nick Danks cannot hide himself, because the website is registered on his name and the name got verified (see at the domain registry: Registrant contact details validated by Nominet on 27-Mar-2014)

The given phone number at the homepage (UK: 07852196909) is a mobile phone number.

We see at the LinkedIn Profile of Paul Rowe that he has given a recommendation for Paul Danks.

At Facebook he describes himself as “Bank/Financial Institution”. A bank or a financial institution has in UK to be registered at the FCA (Financial Conduct Authority). There is a search about “Castle Pension Solutions”, Paul Rowe or Rowe Paul at http://www.fsa.gov.uk/register/firmSearchForm.do ended without any result.

My opinion: Paul Rowe is not more than an insurance salesman who likes to play CEO. He is unable to find customers by himself. For this he uses call center in low wage countries. He is even not able to pay them.

My recommendation: Each call center, which got cheated from Castle Pension Solutions - castlepensionsolutions.co.uk - Paul Rowe - Nick Danks should file a complaint with their proves at http://www.fca.org.uk/consumers/complaints-and-compensation

 

LinkedIn Paul Rowe: https://uk.linkedin.com/pub/paul-rowe/36/1a9/353

LinkedIn Nick Danks: https://uk.linkedin.com/in/nickdanks

Facebook Castle Pension Solutions: https://www.facebook.com/castlepensionsolutions (2016-02-25: Link removed - Facebook profile already not available)

Google+: https://plus.google.com/101662186451649408556/posts

 

Nicks DanksDomain name:
castlepensionsolutions.co.uk
Registrant:
Nick Danks
Registrant type:
UK Individual
Registrant's address:
21 Simonburn
Washignton
Tyne and Wear
NE38 0NJ
United Kingdom
Data validation:
Registrant contact details validated by Nominet on 27-Mar-2014
Registrar:
Paragon Internet Group Ltd t/a Tsohost [Tag = UKWEBHOSTING]
URL: [link removed] dates:
Registered on: 27-Mar-2014
Expiry date: 27-Mar-2016
Last updated: 24-Mar-2015
Registration status:
Registered until expiry date.
Name servers:
ns1.tsohost.co.uk 185.52.27.27
ns2.tsohost.co.uk 95.142.155.4
ns3.tsohost.co.uk 95.142.154.15
WHOIS lookup made at 07:20:39 16-Apr-2015
This WHOIS information is provided for free by Nominet UK the central registry for .uk domain names. This information and the .uk WHOIS are: Copyright Nominet UK 1996 - 2015.
You may not access the .uk WHOIS or use any data from it except as permitted by the terms of use available in full at [link removed] includes restrictions on: (A) use of the data for advertising, or its repackaging, recompilation, redistribution or reuse (B) obscuring, removing or hiding any or all of this notice and (C) exceeding query rate or volume limits. The data is provided on an 'as-is' basis and may lag behind the register. Access may be withdrawn or restricted at any time.

Beware!!!Beware!!!Beware...d!!!fraud!!! _ LinkedIn.pdf (348.55 kb)

Paul Rowe _ LinkedIn.pdf (8.62 mb)

Facebook Castle Pension Solutions.pdf (26.26 mb)

Google plus Castle Pension Solutions.pdf (26.26 mb)

Nick Danks _ LinkedIn.pdf (17.08 mb)


Update September 29, 2016: More than one year later I got the following email from Nick Danks:

Von: Nick Danks [mailto:Nick7danks@Googlemail.com]
Gesendet: Dienstag, 27. September 2016 01:37
An: rudolf.faix@wwpa.com
Betreff: CC Scam e-mail - Reporting abuse

Good afternoon,

I have discovered a blog post about a scammed and I have been included in the post to which I beleive to be an outrage. I help the business setup a basic website a few years ago but I have zero involvement with the business or the business owner. I pride myself on helping people in business and the reason I have been mentioned was due to a mistake on registering the domain in my name rather than the client due to the setting on my hosting.
I feel that the comments made about me personally should be removed as this is slander against me when it has nothing to do with me or what I am involved with.

Feel free to keep the post about the invididual but i hope you can see by reading the post that the comment and image about me is undeserved so please can you remove.

https://blog.wwpa.com/post/2015/05/24/scammer-castle-pension-solutions-castlepensionsolutions-co-uk-paul-rowe-nick-danks-follow-up along with the main post that this relates too.

Any questions please let me know and I would be happy to answer any questions needed to have this removed.

Kindest regards
Nick Danks


Author information

Name: Nick Danks
E-mail: Nick7danks@Googlemail.com
IP address: 151.225.8.50
User-agent: Mozilla/5.0 (Linux; Android 6.0.1; SM-G925F Build/MMB29K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.124 Mobile Safari/537.36

Nick Danks has been the domain owner from castlepensionsolutions.co.uk at the time when the scam has happened and he is the only verified source in this case because Nominet, the British domain registry has verified his name and address. The LinkedIn profile from Paul Rowe got never verified and could get created by everybody. For this reason I tried to get a good explanation why the domain got registered on his name:

On 27 Sep 2016 01:33, "Rudolf Faix" <rudolf.faix@wwpa.com> wrote:

Hi

You are included in the post because you have been the owner of the domain at this time. As owner of the domain you are responsible for the content. If you have helped someone and this person has used the domain for fraud then you are in this case a partner in crime of the fraudster. Each attorney will give you the same answer.

best regards
Rudolf Faix
Affiliate Marketing Reviews
Fraud & Scam Systems
Offshore Outsourcing & Scammer

I would never register a domain for someone other by using my name. This would make me responsible for the content of the website. If someone is not able to register a domain by himself then he need to provide to me his exact data including credit card details for the payment options for beeing able to enter it into web form.

Von: Nick Danks [mailto:nick7danks@googlemail.com]
Gesendet: Dienstag, 27. September 2016 18:01
An: Rudolf Faix
Betreff: Re: AW: CC Scam e-mail - Reporting abuse

Thank you for your response.

The website was created and transfered to the client but it took quite a while to complete the amends therefore I was named until I was paid. Which I wasn't and lost money whilst working for that business. I was infact a supplier not a partner and believe I should be removed as I have not had any business dealings with the individual apart from suppling a website. I'm not even sure the business is still going as I've tried to seek payment myself.

Please can we work together to resolve this issue and remove my details and image

Kind regards
Nick Danks

The domain got really transferred on July 8, 2016 (more than one year after the scam had happened). But the new domain owner does is a Anthony Gregory and not a person with the name Paul Rowe. So I tried to find out if Paul Rowe is in reality Anthony Gregory. Even the new site content has been very suspicious. There is a online shoe shop but without any price information and an imprint with name and address, which is required by the European law is missing too. Here a screenshot:

Screenshot from castlepensionsolutions.co.uk - an online shoe shop without showing any prices and without any imprint

For this reason I have written:

On 27 Sep 2016 11:53, "Rudolf Faix" <rudolf.faix@wwpa.com> wrote:

I think it is not a big issue as “Paul Rowe” mentioned by himself in his email “Also nick danks if you had looked in to things properly he is just a Web creater.” (https://blog.wwpa.com/post/2015/05/24/scammer-castle-pension-solutions-castlepensionsolutions-co-uk-paul-rowe-nick-danks-follow-up)

The domain castlepensionsolutions.co.uk got transferred on July 8, 2016 to a person with the name Anthony Gregory, 21 WALSALL WOOD ROAD, WALSALL, WEST MIDLANDS, WS9 8QU, United Kingdom. Is this the original domain owner or a name which got found in a public phone directory? The actual content of the site does not really fit to the domain name. Shoes are something different than a pension system and the content is from cazpoo.co.uk – another scam site https://www.mywot.com/en/scorecard/cazpoo.co.uk?utm_source=addon&utm_content=warn-viewsc

Missing prices are not really something what someone is searching at an onlineshop and a missing imprint on the website does not make the site more trustful. It is even against the European law.

The problem is that I don’t believe into so many coincidences. Do you have any explanations?

best regards
Rudolf Faix
Affiliate Marketing Reviews
Fraud & Scam Systems
Offshore Outsourcing & Scammer

The answer from Nick Danks has been coming, but not with any expected explanation:

Von: Nick Danks [mailto:nick7danks@googlemail.com]
Gesendet: Dienstag, 27. September 2016 19:05
An: Rudolf Faix
Betreff: Re: AW: AW: CC Scam e-mail - Reporting abuse

What would you like me to explain? I created the website and asked for payment and didn't received anything so I'm in the same situation as you as a supplier which is why I'd like me image and name taken out in the post as it is damaging to my credibility and I help alot of businesses and charities.

If Paul Rowe has done things wrong then that's his problem not mine. From what I can see if he has asked for a service and it was received then he should of paid regardless of the excuses.

I know it doesn't seem like a big issue but to me it is as it's my name being damaged due to someone elses wrong doing.

Thank you for your help.

As Nick Danks has been the owner of the domain castlepensionsolutions.co.uk he has been responsible for the content of the website and for the case he has given it for rent he has been responsible that the website is not getting used for any crime. The UK law got already broken by the content of the website as it represented a business where whether Paul Rowe nor Nick Danks had the required permission or licences for it.

On 28 Sep 2016 01:02, "Rudolf Faix" <rudolf.faix@wwpa.com> wrote:

I told you that it is not a big deal to change the information in the posting for the reason as in the email of the other guy is written that you are only a web creator.

I have asked you: “Is the actual domain owner, Anthony Gregory, 21 WALSALL WOOD ROAD, WALSALL, WEST MIDLANDS, WS9 8QU, United Kingdom, your previous customer?”

best regards
Rudolf Faix
Affiliate Marketing Reviews
Fraud & Scam Systems
Offshore Outsourcing & Scammer

Nick Danks replied to my questions above:

Von: Nick Danks [mailto:nick7danks@googlemail.com]
Gesendet: Donnerstag, 29. September 2016 03:32
An: Rudolf Faix
Betreff: Re: AW: AW: AW: CC Scam e-mail - Reporting abuse

No the domain owner was Paul rowe and he's the one tahys stung people by the looks of it. Not sure who the other guy is.

The argumentation from Nick Danks has a big problem. If I have a hosting customer, who don't pay, I'll turn off his website for giving him a reason to pay his bills. As the WayBackMachine - archive.org shows, got the content from castlepensionsolutions.co.uk between June 22, 2014 and March 13, 2016 exactly 9 time captured and the content from the site got even changed.

Even the actual content - the online shoe shop without prices and without any imprint showing the owner from the page - from castlepensionsolutions.co.uk is nothing else than a scam. It is a copy from the website cazpoo.co.uk.

 

Internet without promotion: Adguard AdBlocker browser extension

AdGuardSimple install the Adguard browser extension if the promotion, pop-ups and pop unders from the different web pages is annoying you. Adguard AdBlocker is really fast and lightweight. It uses half as much memory as other popular solutions. Adguard can handle Anti-AdBlock scripts. You won't have to turn off the AdBlocker anymore to be able to visit the websites that are using such scripts. Just send a complaint to the Adguard tech support and they will handle it.

Adguard AdBlocker effectively blocks all types of advertising on all web pages, even on Facebook, Youtube, and others! Adguard makes your work on the Internet not only comfortable, but also safe - Browsing Security module blocks access to all fraudulent and malicious sites.

What Adguard AdBlocker does:

  • Blocks all ads including video ads (including Youtube video ads), rich media advertising like video ads, interstitial ads and floating ads, unwanted pop-ups, banners and text ads (including Facebook advertisements).
  • Speeds up page loading and saves bandwidth, thanks to the missing ads and pop up windows.
  • Blocks many spyware, adware and dialer installers (optional).
  • Protects your privacy by blocking common third-party tracking systems (optional).
  • Protects you from malware and phishing (optional).

 

Installation:

Firefox: You can install the latest release from addons.mozilla.org or download it from direct link https://chrome.adtidy.org/app.html?app=main.xpi,

Google Chrome: Install it from the Chrome Web Store

Internet Explorer: http://adguard.com/en/adblock-adguard-internet-explorer.html

Opera: You can install the latest release from addons.opera.com

Safari: You can install the latest release from extensions.safari.com

Yandex Browser: Starting with the version 14.2, Yandex.Browser introduced catalogue of recommended Extensions. This catalogue provides the free Adguard extension by default.

Install Adguard for Android: http://adguard.com/en/adguard-android/install.html#howToInstall

Adguard for Mac http://adguard.com/en/adguard-mac/overview.html

 

Why Google denies us real end-to-end encryption?

Why did we still do not have easy-to-use end-to-end encryption? The standard answer is far too complicated! But this is nonsense; Apple shows how to make it simple.

AndroidThe technical challenges for true end-to-end encryption are solved for many years. In principle, one could make the simple. With it would be sure not just anybody can easily read along our private and business communications.

Nevertheless, emails, chats and phone calls are still almost always in plain text. They are secured for transport (SSL / TLS), but at least, the service provider can read everything and often does. This course also various other interested parties that attach to help him, the contents of confidential messages.

At this point I always hear, end-to-end encryption is still far too complicated. Alone to generate key, not to mention the checking and signing - end users don’t like do that. In fact, I'll never get anyone to use PGP. Nevertheless, the argument is simply wrong.

Because there is already end-to-end encryption, which is so simple that they use many millions of users and do not even know this: Apple's iMessage encrypts any message with a key that is only known by the recipient. Not Apple, not the network operator and not the NSA. And the highlight: Thanks to Apple's iMessage is a sophisticated design that not a bit more complicated than traditional SMS. Each iPhone owners use it easily and has not to worry about the encryption. The encryption is just there.

This one who wants to read along these messages has to attack this encryption. This also applies to Apple or someone standing there with a National Security Letter at the door. In practice this means: It is not enough that Apple or engage NSAs to the appropriate server to write there the plaintext with, as would be the case with Google, Skype and almost all other services. Instead, Apple would have to actively engage in communication and distribute counterfeit keys.

Of course, experts will argue that Apple does not satisfy the pure doctrine and the user himself has no control over his keys. Specifically, the system is not hedged against the fact that Apple itself eventually distributed as "Man in the Middle" wrong keys. But these are details that go past the actual heart of the matter. It can get improved without much effort. (The ignorance and arrogance of Apple is typical and with that the refuse demands for such extensions and perhaps the other side of the coin is that Apple like no other company can create easy-to-use products). Is crucial, however, Apple is the only major manufacturer and service provider offering such end-to-end encryption at all.

The real question is: Why does Google's Android has no a similar function and nourishes us with Hangouts without proper encryption? I seriously doubt that Google no one has come up with this idea or that technological pioneer in so many areas that could not be implemented just as elegant as Apple; Moxie Marlinspike shows with TextSecure how this might look like. There is only one plausible explanation for why Google has nothing to offer in this respect:

Easy to use end-to-end encryption is undesirable.

There is strong political interest to be able to read the communication of all Internet users at any time without much effort. We can only speculate as large as the pressure is exerted by politicians and authorities on the Group. But much harder probably weighs Google own economic interest: With functioning end-to-end encryption, Google would torpedo his own business model. This is in fact based on that the Group can read and analyze our data - and then to present, inter alia for suitable advertising. This of course applies equally to Facebook; so you can write off any hopes about WhatsApp.

Apple, however, earns his money is still with the sale of equipment and Commissions from business apps and content. And they deserve it obviously so good that they - unlike Google and Facebook - have the luxury to leave us our privacy.

What does that mean for us now? Not that we should buy now Apple products. There are too many things that you can refuse to Apple for good reason. But we must not be fobbed off with cloudy promise to respect our privacy and the protection of our business communications to us. Correct and above all simple end-to-end encryption for all could be done - we must demand only finite.

 

Open Source Advertisement Blocker: Adblock Plus

Adblock Plus from https://adblockplus.org/en/ is a browser add on, which is blocking all annoying ads and warning from fraud sites. As it is open source it is free of charge.

The plug has the following advantages:

  • Surf the web without annoying ads!
  • Blocks banners, pop-ups and video ads - even on Facebook and YouTube
  • Unobtrusive ads aren't being blocked in order to support websites (configurable)
  • It's free!

 

It is available for:

  • Internet Explorer
  • Firefox
  • Opera
  • Google Chrome
  • Safari
  • Yandex
  • Maxthon
  • Android